>Are you sure your accounts can’t be broken into with social engineering?
And who's to say that you can't also use social engineering to recover the real email? eg. "I forgot which email I used, but it's on my domain, example.com". This is even more plausible if you use any of the "tricks" that the GP mentioned, like putting random characters, since it further lends credence to your "forgot my email" story.
>Is your password manager infallible?
Considering you have to store all those different emails somewhere, I don't see how this mitigates the treat.
>It’s defence in depth.
Sure, it's defense in depth, but the gains in security is so marginal.
>Of course you may also do this for privacy reasons as well
Sure, I'd buy that aspect, but catchall domains or dot/plus tricks aren't going to cut it because they're relatively easy to deanonimize. Not to mention all the data you leak on those platforms just by using them (location references, friend lists, interests, etc.)
all the ones in my password manager are
>Are you sure your accounts can’t be broken into with social engineering?
And who's to say that you can't also use social engineering to recover the real email? eg. "I forgot which email I used, but it's on my domain, example.com". This is even more plausible if you use any of the "tricks" that the GP mentioned, like putting random characters, since it further lends credence to your "forgot my email" story.
>Is your password manager infallible?
Considering you have to store all those different emails somewhere, I don't see how this mitigates the treat.
>It’s defence in depth.
Sure, it's defense in depth, but the gains in security is so marginal.
>Of course you may also do this for privacy reasons as well
Sure, I'd buy that aspect, but catchall domains or dot/plus tricks aren't going to cut it because they're relatively easy to deanonimize. Not to mention all the data you leak on those platforms just by using them (location references, friend lists, interests, etc.)